Tuesday, February 01, 2011

Security 2.0 and the Next Ten Years for HKCERT

Established on 20th February 2001, HKCERT is celebrating our 10th anniversary. In this challenging decade, the Internet has changed tremendously, and so did the security threats and the work of HKCERT. We have dedicated the coming issues of our newsletter to review our achievements and deficiencies, and to look forward to developing better in the future.

In the first article of this series, we have invited Mr. Charles Mok, the former Chairman of the Hong Kong Internet Service Providers Association to give his views. Mr. Mok witnessed the birth and growth of HKCERT. As an independent party who cares a lot on the development of CERT in Hong Kong, his views on the development of HKCERT in the past and in the future are thought provoking.

Happy Birthday, HKCERT! Time certainly flies when it comes to the Internet, but it was almost just like yesterday, looking back at how the Internet community in Hong Kong lobbied for the formation of our own CERT (computer emergency response team) in the earlier years of the Internet in Hong Kong.

Back in the last millennium, Internet service providers in Hong Kong, organized under the Hong Kong Internet Service Providers Association (HKISPA), has spent a few years lobbying hard to the Government for funding support to create a CERT in Hong Kong, fully realizing that we were among the last economy in Asia to have one. First, we were told that the CERT should not be run by commercial and competing ISPs. Fine, we ISPs went looking for academic collaboration, and we were told that would be too academic. We squandered a couple of years wondering what the Government really wanted to do, while viruses of the day ran rampant in Hong Kong, causing havoc on their ways.

Finally, the Hong Kong Productivity Council (HKPC) stepped up and made its proposal to the Government to operate the CERT, supported by the HKISPA and others, and the Internet community in Hong Kong would be eternally thankful for HKPC’s stepping up to the plate. Over the years, through various funding droughts and uncertainties, HKCERT under HKPC has continued to provide exemplary services to our industry and the public. That was the last ten years, and Hong Kong was truly lucky not to have encountered any truly devastating security incident or disruptive episode for our Internet.

Changing needs

But times have been a-changing. Gone were the days of looking after firewalls and watching out for viruses that simply went about deleting your files from your PCs. Today, malwares are not only more powerful but they are more malicious, penetrating firewalls and bypassing detection by security software, and hiding under the skins of our computers, quietly hijacking our resources to cause more damages elsewhere on the net. Greater reliance on search engines, social networks and online financial transactions has made our daily lives and businesses much more susceptible to losses of all kinds, not the least of which involving our personal data privacy.

Such new development of Security 2.0 certainly calls for a new thinking in response – the CERT 2.0.

From passive to proactive – More and more CERTs around the world are funded to proactively provide services to clean up malware buried stealthily inside servers and computers in order to prevent them from bringing down a country’s network, rather than passively waiting for the victims to call for advice.

From response to research – Instead of passively making responses to threats, CERTs are funded to work closely with researchers to investigate local patterns of threats, and bridging the latest research findings with ISPs, web hosting companies and domain name registries in the frontline.

We need HKCERT 2.0

For many years, I have been urging the Government to do what many others have done, that is, to conduct proactive network monitoring to collect intelligence, to find out any emerging patterns of security threats, rather than waiting to respond when it has already happened. However, the Government seems content to only adopt such proactive approach during “major events,” such as the Olympics or East Asian Games. It is as if the perpetuators only do bad things when there is a big thing going on. Of course, this mentality is grossly inadequate by any measure.

A minimalist HKCERT is no longer sufficient for Asia’s World City, and the region’s Internet hub, as we position ourselves to be. HKCERT 2.0 must be funded and governed in a sustainable manner to conduct more research and testing and proactive network monitoring for new trends of threats, as well as providing active advice and guidelines to the industry and the public. More efforts must also be placed on education and public awareness, covering not only how to counter attacks, but to prevent leakages of data from the inside out.

I congratulate HKCERT and HKPC for a great ten years with excellent performance for Hong Kong under limited resources. I look forward to its continued contribution to Hong Kong and the IT sector in the next ten years and more!

Charles Mok
Former Chairman
Hong Kong Internet Service Providers Association

From HKCERT Security Newsletter, February 2011 Issue


Post a Comment

<< Home